Syxsense announced the ability to scan for Log4j using Syxsense Secure, identifying endpoints that are exposed to this new vulnerability.
“Although a number of popular IT management and security tools are vulnerable, Syxsense is pleased to confirm that it does NOT use Log4j,” commented Ashley Leonard, CEO of Syxsense. “It imperative that IT departments respond quickly to this new threat by scanning their environment and identifying exposed endpoints.”
A vulnerability in Log4j which is a very popular Java-based logging tool has been weaponized. All versions of Log4j prior to 2.14.1 are vulnerable, this does not just impact the stand-alone installer. Any application which uses Log4j for log file management or LDAP queries could also be vulnerable, unfortunately where this is the case, the vendor must provide updates for those 3rd party updates.
The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.
What makes this extra serious, is that the Scope (also known as a Jump Point) is Changed – meaning that exploitation of this vulnerability could allow the attacked to affect resources beyond the security scope managed by the security authority of the vulnerable component.
CVE-2021-44228 – CVSS Score: 10
Syxsense risk alert:
- Attack vector: Any network
- Attack complexity: Low
- Privileges required: None
- User interaction: None
- Scope (Jump Point): Yes
As always, we recommend full testing be performed prior to live deployment to your device. These are now available within Syxsense.
If a business is uncertain of the prevalence of Log4j in their environment, or worried about the presence of Log4j in their scanning tools, be assured that Syxsense Secure does not use the logging tool with the vulnerability in it.
Businesses can download the Syxsense scanning tool and use it to run free scans of all the hard drives in their environment for 14 days at no cost.
Syxsense is also waiving the 100-device limit of our free trial for a limited time to ensure businesses can run a complete diagnostic scan in their environment.